HeapTherapy: An Efficient End-to-End Solution against Heap Buffer Overflows

Qiang Zeng, Mingyi Zhao, Peng Liu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

19 Scopus citations

Abstract

For decades buffer overflows have been one of the most prevalent and dangerous software vulnerabilities. Although many techniques have been proposed to address the problem, they mostly introduce a very high overhead while others assume the availability of a separate system to pinpoint attacks or provide detailed traces for defense generation, which is very slow in itself and requires considerable extra resources. We propose an efficient solution against heap buffer overflows that integrates exploit detection, defense generation, and overflow prevention in a single system, named Heap Therapy. During program execution it conducts on-the-fly lightweight trace collection and exploit detection, and initiates automated diagnosis upon detection to generate defenses in real-time. It can handle both over-write and over-read attacks, such as the recent Heartbleed attack. The system has no false positives, and keeps effective under polymorphic exploits.%as the generated defense captures semantic characteristics of exploits. It is compliant with mainstream hardware and operating systems, and does not rely on specific allocation algorithms. We evaluated Heap Therapy on a variety of services (database, web, and ftp) and benchmarks (SPEC CPU2006), it incurs a very low average overhead in terms of both speed (6.2%) and memory (7.7%).

Original languageEnglish (US)
Title of host publicationProceedings - 2015 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2015
PublisherIEEE Computer Society
Pages485-496
Number of pages12
ISBN (Electronic)9781479986293
DOIs
StatePublished - Sep 14 2015
Event45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2015 - Rio de Janeiro, Brazil
Duration: Jun 22 2015Jun 25 2015

Publication series

NameProceedings of the International Conference on Dependable Systems and Networks
Volume2015-September

Other

Other45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2015
Country/TerritoryBrazil
CityRio de Janeiro
Period6/22/156/25/15

All Science Journal Classification (ASJC) codes

  • Software
  • Hardware and Architecture
  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'HeapTherapy: An Efficient End-to-End Solution against Heap Buffer Overflows'. Together they form a unique fingerprint.

Cite this